Registration Process Flow
Following are the service’s endpoints to be implemented to complete the registration process.
1. Check Identity (ciamregsrvc/webRegistration/checkIdentity)
This endpoint checks whether the User is available in Cymmetri Database with following scenarios:
Check User in Cymmetri Database
Query the Cymmetri database using the user details.
If the user is found, initiate the login flow.
If the user is not found, proceed to the next step.
Else, user will be checked in the CBS with the keeping following scenarios in consideration
Query the Bank database using the user details.
If the user is found, trigger the registration flow.
Send an OTP (One-Time Password) to the user's registered email.
If the user is not found, proceed to the next step.
IF neither cymmetri nor bank holds this user, then the following action will be performed
send a response indicating invalid data/user does not exist.
post
This endpoint requires the following scopes:
AuthorizationstringRequired
locLatitudestringOptional locLongitudestringOptional Body
cardNumberstringOptionalExample: String deviceIdstringRequiredExample: String idstringOptionalExample: String typestringOptionalExample: String 2. Verify Email OTP (ciamregsrvc/webRegistration/VerifyEmailOtp)
Email OTP Verification Steps:
Sending Email OTP: Generate and send an OTP to the user’s email in the registration step.
Verifying Email OTP: When a user submits the OTP, it needs to be verified.
If Email OTP is Correct:
Move to the next step and send a mobile OTP.
If Email OTP is Incorrect:
If the user reaches the maximum number of attempts allowed, block the user.
post
This endpoint requires the following scopes:
AuthorizationstringRequired
locLatitudestringOptional locLongitudestringOptional Body
expInMinuteinteger · int32Optional
otpLengthinteger · int32Optional
3. Resend OTP Email (ciamregsrvc/webRegistration/resendOtpEmail)
If the user does not receive the OTP, they can request to resend it.
post
This endpoint requires the following scopes:
AuthorizationstringRequired
AuthorizationstringRequired locLatitudestringOptional locLongitudestringOptional 4. Verify Mobile OTP(ciamregsrvc/webRegistration/VerifyMobileOtp)
Mobile OTP Verification Steps:
Sending Mobile OTP: Generate and send an OTP to the user’s mobile in the verify email OTP step.
Verifying Mobile OTP: When a user submits the OTP, it needs to be verified.
If Mobile OTP is Correct:
Proceed to the next step.
If Mobile OTP is Incorrect:
If the user reaches the maximum number of attempts allowed, block the user.
post
This endpoint requires the following scopes:
AuthorizationstringRequired
AuthorizationstringRequired locLatitudestringOptional locLongitudestringOptional Body
5. Resend OTP Mobile (ciamregsrvc/webRegistration/resendOtpMobile)
If the user does not receive the OTP, they can request to resend it.
resendOtpMobile
post
This endpoint requires the following scopes:
AuthorizationstringRequired
AuthorizationstringRequired locLatitudestringOptional locLongitudestringOptional 6. Get MFA LIST (ciamregsrvc/webRegistration/mfa/list)
Fetch all the available MFA factors.
get
This endpoint requires the following scopes:
AuthorizationstringRequired
AuthorizationstringRequired locLatitudestringOptional locLongitudestringOptional 7. Authenticate User (ciamregsrvc/webRegistration/authenticateUser)
Authentication Steps:
Authenticate user with available MFA factors like credit card, debit card.
If the user entered correct details, proceed to the next step.
If a user entered wrong details and reaches the maximum number of attempts allowed, block the user.
authenticateUser
post
This endpoint requires the following scopes:
AuthorizationstringRequired
AuthorizationstringRequired locLatitudestringOptional locLongitudestringOptional Body
authenticationTypestring · enumRequiredExample: DEBIT_CARDPossible values: expiryMonthstringOptional
8. Fetch existing User Id (ciamregsrvc/webRegistration/existingUserId)
Fetch user ID from the existing system (bank database if available).
get
This endpoint requires the following scopes:
AuthorizationstringRequired
AuthorizationstringRequired locLatitudestringOptional locLongitudestringOptional 9. Save user id (ciamregsrvc/webRegistration/saveuserid)
User can save a new user ID if it is not already in use.
post
This endpoint requires the following scopes:
AuthorizationstringRequired
AuthorizationstringRequired locLatitudestringOptional locLongitudestringOptional Body
passwordstringOptionalExample: String userIdstringOptionalExample: String 10. Validate Password (ciamregsrvc/webRegistration/validatePassword)
· Validate if the password follows all the rules.
· If it does, move on to the next step.
· If it doesn't, the user needs to choose another password.
validatePassword
post
This endpoint requires the following scopes:
AuthorizationstringRequired
AuthorizationstringRequired locLatitudestringOptional locLongitudestringOptional Body
passwordstringOptionalExample: String userIdstringOptionalExample: String 11. Set Password: (ciamregsrvc/webRegistration/setIbPassword)
· The user can set a password that meets all the password policy requirements.
setUserIdPasswordForIb
post
This endpoint requires the following scopes:
AuthorizationstringRequired
AuthorizationstringRequired locLatitudestringOptional locLongitudestringOptional Body
customerIdstringOptionalExample: String customerTypestringOptionalExample: String emailstringOptionalExample: String firstNamestringOptionalExample: String genderstringOptionalExample: String lastNamestringOptionalExample: String middleNamestringOptionalExample: String namestringOptionalExample: String passwordstringRequiredExample: String phoneNumberstringOptionalExample: String registrationTypestringRequiredExample: String viewOnlyRightsbooleanRequired 